Does WP Reading Progress have any unpatched vulnerabilities?

No. All known vulnerabilities in WP Reading Progress have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is WP Reading Progress compatible with WordPress 6.9.4?

According to WordPress.org data, WP Reading Progress 1.7.0 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is WP Reading Progress compatible with PHP 5.6+?

WP Reading Progress requires PHP 5.6 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is WP Reading Progress updated?

WP Reading Progress was last updated on Feb 11, 2026. Frequent updates are generally a positive security signal.

What is WP Reading Progress's security score?

WP Reading Progress has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

WP Reading Progress Security & Risk Analysis

wordpress.org/plugins/wp-reading-progress

Light weight fully customizable reading progress bar. Sticks to top, bottom or sticky menu, with fallback for small screens. Includes ert (beta).

3K active installs v1.7.0 PHP 5.6+ WP 4.9+ Updated Feb 11, 2026

estimated-reading-timeprogressprogressbarreading

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is WP Reading Progress Safe to Use in 2026?

Generally Safe

Score 100/100

WP Reading Progress has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago

Risk Assessment

The wp-reading-progress v1.7.0 plugin exhibits a generally good security posture based on the provided static analysis. The absence of dangerous functions, reliance on prepared statements for all SQL queries, and the presence of nonce and capability checks are positive indicators. Furthermore, the lack of known vulnerabilities and critical taint flows suggests a mature and well-maintained codebase.

However, a concern arises from the output escaping. With 31 total outputs and only 71% properly escaped, this leaves a portion of the plugin's output potentially vulnerable to Cross-Site Scripting (XSS) attacks. While the attack surface is small and currently has no unprotected entry points, this unescaped output represents the most significant risk identified in the code analysis.

In conclusion, the plugin demonstrates strong practices in critical areas like SQL handling and authentication. The primary weakness lies in the insufficient output escaping. The absence of any historical vulnerabilities is a strong positive, suggesting a commitment to security. Addressing the output escaping issue would significantly strengthen its overall security.

Key Concerns

Insufficient output escaping (29% unescaped)

Vulnerabilities

None known

WP Reading Progress Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

WP Reading Progress Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

22 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

71% escaped31 total outputs

Attack Surface

WP Reading Progress Attack Surface

Entry Points1

Unprotected0

Shortcodes 1

[wp-reading-progress-ert] wp-reading-progress.php:80

WordPress Hooks 8

actioninitwp-reading-progress.php:22

actionwpwp-reading-progress.php:23

actionadmin_initwp-reading-progress.php:33

actionadmin_menuwp-reading-progress.php:34

actionadd_meta_boxeswp-reading-progress.php:36

actionsave_postwp-reading-progress.php:37

actionwp_headwp-reading-progress.php:71

filterget_the_excerptwp-reading-progress.php:83

Maintenance & Trust

WP Reading Progress Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedFeb 11, 2026

PHP min version5.6

Downloads49K

Community Trust

Rating100/100

Number of ratings19

Active installs3K

Alternatives

WP Reading Progress Alternatives

Reading progressbar

reading-progress-bar

100

A reading position indicator that you can use where you want: top, bottom or custom position in differents templates or post types.

6K No CVEs

Catch Scroll Progress Bar

catch-scroll-progress-bar

100

Catch Scroll Progress Bar - Catch Scroll Progress Bar is a simple, super-light WordPress progress bar plugin that has the most essential features to s …

1K 1 CVE

ReadBar – Smart Reading Time & Dynamic Progress Bar

read-bar

100

Add estimated reading time and a dynamic reading progress bar to your WordPress posts and pages to boost content engagement and improve readability.

0 No CVEs

WP Post Reading Progress

wp-post-reading-progress

Add time to read or progress bar to your posts and pages!

0 No CVEs

Read Meter – Reading Time & Progress Bar

read-meter

100

The Read Meter plugin displays the estimated reading time for blog posts along with a progress bar.

10K No CVEs

Developer Profile

WP Reading Progress Developer Profile

Joeri van Veen

6 plugins · 3K total installs

trust score

Avg Security Score

98/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect WP Reading Progress

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/wp-reading-progress/wp-reading-progress.min.js

Script Paths

/wp-content/plugins/wp-reading-progress/admin.min.js/wp-content/plugins/wp-reading-progress/wp-reading-progress.min.js

Version Parameters

wp-reading-progress.min.js?ver=

HTML / DOM Fingerprints

CSS Classes

wp-reading-progress-ert

Data Attributes

data-ertdata-minutes_ruigehond006_show

JS Globals

ruigehond006_c

Shortcode Output

<span class='wp-reading-progress-ert post-

FAQ